Forced Password Change After Reset

This new feature of Directory Server enables administrators to force regular system users to change their passwords after a password
reset.

This feature is enabled by the pwd-must-change-enabled property.
This property specifies whether a user must change the password when he first
binds or after the password has been set or reset. The feature is disabled
by default.

You can enable this feature by selecting the Password Reset checkbox
in the DSCC as illustrated in the following figure.

To view the current policy for requiring password change after password
reset, use the following command: